Are you ready for GDPR

Are you ready for GDPR

You should by now know that the rules are changing on General Data Protection Regulation (GDPR) to protect the data of EU citizens, but are you ready?


You should by now know that the rules are changing on General Data Protection Regulation (GDPR) to protect the data of EU citizens, but are you ready?

All organisations were given a two-year period to make sure they were compliant but that comes to an end on 25th May 2018.

If like many other businesses you have kept putting things off, here’s some help to make sure you’re ready when the time comes. Because if you don’t comply then you could be fined as much as 4% of your global annual turnover.

Elizabeth Denham, the UK’s information commissioner, who is in charge of data protection enforcement, said: “The General Data Protection Regulation (GDPR) is the biggest change to data protection law in a generation.

“if your business isn’t prepared, you’re leaving yourself open to enforcement action that can damage both your public reputation and bank balance.

New research by international law firm Paul Hastings has found that over half of companies across the UK and US will not be ready for the new regulations so they better get a move on because not being ready is no excuse.

Awareness is though and showing that you are moving in the right direction, even if you’re not quite there will result in some leniency being shown.

5 tips to make sure you’re prepared

Be Aware

You might know about GDPR but does everyone in the business who needs to?

Make sure everyone knows what is on the horizon and what the impact will be on the business.

What do you know?

When it comes to other people’s data you really need to know what you hold, how you got it and who you share it with. Having the answers now means you would be ready for any information audit that you might need to do.

Individuals’ rights

2017 was a bad year when it came to data breaches and the court case in December, which saw Morrisons found to be liable for a staff detail breach means the future could be very different, so you need to make sure you have the right procedures in place.

Now is the time to check yours and ensure they cover everyone’s rights as well as how you would go about deleting personal data and how you provide data electronically.

Communicating your privacy policy

Under GDPR you need to make sure everyone knows exactly where they stand, so review all of your current privacy notices to make sure they meet the new regulations. If they don’t, make sure you do something about it as soon as possible.

What to do if you’re breached

In an ideal world all of your cybersecurity efforts will prevent a data breach but as there is never a guarantee, making sure you have the procedures in place is vital.

So have plans to detect, report respond to a data breach to help minimize the disruption and effect.

Finally, make sure you or a designated data protection officer has familiarised themselves with all of the legislation so you know exactly what to expect.

  • Recent Articles
Author Details
Founder & CEO at Hedgehog Security

Peter has been in the Information Security world since 1999 and in IT in general since 1996. His work history contains a unique blended balance between the development of exceptional technical capabilities and business knowledge. Peter is a proud father of twins and enjoys GT endurance racing on the weekends.

We would like to keep you informed about our services. Please tick the options below to receive occasional updates via

  • penetration testing steps
    Peter talks to FindMyUkCasino
  • Malware
    SB Tech Breach

    Last week saw SB Tech Breached by the hacking group Maze. It seems that every week the group are announcing more victims.  GameOn asked our CEO Peter Bassill, to give us some insight into the attack. The GameOn article is here.

  • Privacy
    Howto VPn

    In our “How to securely” series we asked our followers what tools they would like a simple guide on to help them stay secure online. There seemed to be a lot of confusion as to what a VPN is and why you should or should not use one. So we asked Peter to help.

  • WhatsApp
    How To Whatsapp Safely

    WhatsApp is among the fastest-growing instant messengers out there, and almost a social network in its own way. But if you are using it, there are some steps you should take to protect your security and privacy.

  • Morrisons Breach Update

    The UK’s highest court ruled that Morrisons can not be liable for a criminal act of a person seeking to harm their business. On April 1st, 2020, a panel of five justices unanimously ruled that Morrisons was not “vicariously liable”.

  • Remote Working Considerations

    With the current pandemic situation, we all need to be taking remote working considerations. While adjusting the work paradym, it is vital to keep a mind’s eye on the security and safety of the businesses information assets

  • Securing Zoom
    How To: Securing Zoom

    In this guide we are looking at how to go about securing zoom. Since the onset of the global pandemic, we have seen surge in “zoom bombing”. This is where people with malicious intent look for in-progress zoom meetings to join and cause trouble.

  • Software Security
    Dell EMC iDRAC memory corruption Vulnerability

    A critical vulnerabiltiy has been identified in Dell EMC iDRAC7, iDRAC8 and iDRAC9. Some unknown processing is affected by this issue. Manipulation with an unknown input can lead to stack based memory corruption.

  • Hiscox Sues for Failing to Disclose Data Breach

    On March 27th, Hiscox Insurance Company Inc. filed a complaint against law firm Warden Grier for concealing a data breach that occurred back in 2016.

  • Software Security
    Privilege escalation on Nginx Controller up to 3.1.x Controller API

    A critical vulnerability has been identified in Nginx Controller up to 3.1.x (web server,) affecting an unknown code block of the component Controller API.

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Scroll to Top